News Stay informed about the latest enterprise technology news and product updates.

Beware of malicious pdf files

Yesterday we reported that Adobe patched a critical flaw in its Adobe Reader and Acrobat programs. Now comes word that the bad guys are sending out malicious .pdf files that exploit the vulnerability. The SANS Internet Storm Center has a short and sweet summary of the .pdf threat:

“The vulnerability initially reported here and confirmed here (with workaround) and patched here now appears to have been spotted in the wild. The proof of concept code had been released, and a number of people have reported receiving the PDFs which exploit the vulnerability.”

Here’s some more analysis from the Symantec Security Response Center blog on a Trojan that’s embedded in these malicious .pdf files:

“We have discovered a new Trojan named Trojan.Pidief.A that actually exploits this vulnerability to compromise an unpatched computer. So far we have seen a fair number of emails containing this new Trojan in the wild. It is likely that Trojan.Pidief.A has been spammed out in targeted attacks on specific business organizations. The Trojan will most likely arrive through email with a subject such as ‘invoice,’ ‘statement’ or ‘bill’ of some description, and just containing the .pdf file.”

As for advice on what to do about it, I refer to these words of wisdom from the SANS ISC: “Please patch, apply the workarounds, and/or ensure you can detect and block the exploit.”

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.